I have to add rules in auditd.
It seems to work for recording command (option -w) but not for option -a where arch must be specified.
For example :
$> auditctl -a exit,always -F arch=b64 -S adjtimex -S settimeofday -S clock_settime -k timechange
arch elf mapping not found
$> uname -m
aarch64
The kernel is compiled with
CONFIG_AUDIT=y
CONFIG_AUDITSYSCALL=y
CONFIG_HAVE_ARCH_AUDITSYSCALL=y
Have you got an idea ?
Thanks
The solution was to recompile auditd with the good argument, espicially --with-arm64 during the configure phase.
Related
Inside of my GitLab CI file I have a file which is copied from the "Publish npm packages instruction",
before_script:
- |
{
echo "#${CI_PROJECT_ROOT_NAMESPACE}:registry=${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/npm/"
echo "${CI_API_V4_URL#https?}/projects/${CI_PROJECT_ID}/packages/npm/:_authToken=\${CI_JOB_TOKEN}"
} | tee --append .npmrc
When I try to run this in Alpine Linux I'm getting.
$ { # collapsed multi-line command
tee: unrecognized option: append
BusyBox v1.31.1 () multi-call binary.
Usage: tee [-ai] [FILE]...
Copy stdin to each FILE, and also to stdout
-a Append to the given FILEs, don't overwrite
-i Ignore interrupt signals (SIGINT)
The reason is simple, there are two implementations of tee,
Busybox, which Alpine uses, has tee but it doesn't provide an --append. It does provide an -a option (short for append) which is defined as "append to the given FILEs, do not overwrite"
GNU CoreUtils provides a copy of tee too it has --append which you're making use of here. It's also defined as "append to the given FILEs, do not overwrite". But as a shorthand, GNU Tee also provides the alias is -a.
So in short, if you want something to be compatible with Alpine and BusyBox as well as distros that ship GNU Tee then use -a (supported in both) instead of --append (supported only in GNU Tee).
I'm running the following command:
echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p
and getting this error:
sysctl: cannot stat /proc/sys/fs/inotify/max_user_watches: No such file or directory
I'm not sure what to do about this. I'm running WSL on Windows 10 Build 1709, OS Build 16299.309
max_user_watches was not implemented in 1709. It apperars to be fixed in 1803. For more details you can refer to this bug:
https://github.com/Microsoft/WSL/issues/1705
I installed zabbix-sender but when execute zabbix-sender i get command not found.
[root#db1 zabbix]# yum info zabbix-sender
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
Installed Packages
Name : zabbix-sender
Arch : x86_64
Version : 3.4.6
Release : 1.el7
Size : 1.0 M
Repo : installed
From repo : _ftp
Summary : Zabbix Sender
URL : http://www.zabbix.com/
License : GPLv2+
Description : Zabbix sender command line utility
when i use thi command
[root#db2 zabbix]# zabbix_sender -z zabbix -s db2 -k mysql[Binlog_cache_disk_use] -o 2000 -vv
-bash: zabbix_sender: command not found
Why does this happen?
[root#db1 zabbix]# !r
rpm -lq zabbix-sender
/usr/bin/zabbix_sender
/usr/share/doc/zabbix-sender-3.4.6
/usr/share/doc/zabbix-sender-3.4.6/AUTHORS
/usr/share/doc/zabbix-sender-3.4.6/COPYING
/usr/share/doc/zabbix-sender-3.4.6/ChangeLog
/usr/share/doc/zabbix-sender-3.4.6/NEWS
/usr/share/doc/zabbix-sender-3.4.6/README
/usr/share/man/man1/zabbix_sender.1.gz
[root#db1 zabbix]# zabbix-sender -z zabbix -s db1 -k mysql[Uptime] -o 1540 -vv
-bash: zabbix-sender: command not found
[root#db1 zabbix]#
checked again
I understand why does this happen! I remove Zabbix-sender and install again. when using Zabbix-sender -z Zabbix -s db1 -k mysql[Uptime] -o 1540 -vv there is no problem and working but after execute prel MySQL-check.pl root password then Zabbix-sender it seems to be removed. Does anyone know why? I using this template link
List files provided by rpm package:
$ rpm -ql zabbix-sender
/usr/bin/zabbix_sender
...
Try /usr/bin/zabbix_sender - do you have correct PATH setting (is /usr/bin/ included there)?
I am using CLion as IDE. After building the output is an executable file example. What I would like to achieve is make .hex file from it and upload it to my AVR via avrdude. I read and tried some possible solutions here
xxd -p example | tr -d '\n' > example.hex
and
avrdude -u -c usbasp-clone -p atmega8 -P /dev/bus/usb/001/006 -U flash:w:example.hex
but avrdude outputs
avrdude: input file example.hex auto detected as invalid format
avrdude: invalid input file format: -1
avrdude: read from file 'example.hex' failed
Any ideas here?
The tool for extracting sections from an executable and converting them into another format is objcopy.
avr-objcopy -j .text -j .data -O ihex example example.hex
Or if your avrdude is built with ELF support then you can use the executable directly.
avrdude -c usbasp-clone -p atmega8 -U flash:w:example
I run a code which needs gtest, but terminal shows:
'gtest/gtest.h' file not found
Here is the command:
$ g++ -w -I ../gtest/include/gtest -I../snap-core -I../glib-core -c run-all-tests.cpp
I think I add the path of gtest, but system did not find it.
You need to change
-I ../gtest/include/gtest
to
-I ../gtest/include/
because you are looking for the tile gtest/gtest.h, not gtest/gtest/gtest.h